|
VUPEN Web Application Security Scanner
is a software-as-a-service (SaaS)
solution which allows organizations to
accurately
detect the presence of vulnerabilities
in their web sites and web applications.
Black-box Scanning
VUPEN Web Application Security Scanner
includes an innovative and proprietary
technology developed by VUPEN security
experts which detects real-world
vulnerabilities automatically and
without access to the source code of
your applications.
Grey-box
Scanning
In addition of the black-box testing,
VUPEN WASS detects more than 8,000 vulnerabilities
affecting popular frameworks and web
scripts. Each day, VUPEN Security experts
add
new signatures to detect the latest
web vulnerabilities.
Vulnerability Checks Available
The WASS detects various real-world
vulnerabilities including:
|
Cross Site Scripting
SQL Injection
Directory Traversal
Arbitrary File Inclusion
PHP code execution
|
Cookies/session hijacking
Database query manipulation
Source code disclosure
Data disclosure
Shell command injection |
Automated Crawling and Link Discovery
VUPEN WASS only needs your home page
URL to automatically crawl and map
your web site, and discover your pages
and links. You will
have a complete view of your site map.
Fully Customized Scanning
Besides
being able to schedule your scans, you will be able to customize and
choose among a large number of
scanning options:
choose to scan
your full web site and pages, or
certain parts only
define
black and white lists for file extensions, folders and pages
scan using the
black-box and/or grey-box technologies
scan for a specific kind of
vulnerabilities of for all
scan for GET or POST HTTP requests, or
for both methods
inject arbitrary data using URL
rewriting for maximum detection
choose the scanning speed
to limit the impact on your web site
Extensive Web Application Support
VUPEN WASS supports web applications
developed in various languages
including PHP, ASP, HTML and JavaScript
Authenticated Scanning
VUPEN WASS supports authenticated
scanning using various methods
including Forms, HTTP Basic,
NTLM, or Digest authentications
Vulnerability Reports
VUPEN WASS
offers detailed vulnerability reports (HTML and PDF)
including criticality
levels and the list of affected pages
and parameters to help you easily fix
discovered vulnerabilities.
Why choose the VUPEN WASS ?
VUPEN WASS is based on a proprietary
technology developed by VUPEN security
experts, and combines the power of
black-box (smart and automated) and
grey-box (signature-based) scanning to
accurately identify real-world web
vulnerabilities. Each day, VUPEN Security
experts add
new signatures to the WASS database to
detect the latest web vulnerabilities
being discovered, disclosed or
exploited in the wild.
VUPEN WASS also contributes to the
open-source community by helping
developers to secure their software
and web applications, and eliminate
vulnerabilities.
Vulnerabilities discovered using WASS
Sign Up For a Free Trial
|
